Search everything...

Stats

Actions

Available In

Help us improve

Share bugs, ideas, or general feedback.

sigma-auth - Claude Code Plugin | ClaudePluginHub

Plugin

sigma-auth

Name: sigma-auth
Author: b-open-io

By b-open-io

Sigma Auth - Bitcoin-native OAuth with Better Auth, BAP identity, and comprehensive authentication patterns

npx claudepluginhub b-open-io/claude-plugins --plugin sigma-auth

Popularity

Stars

Med: 1·Avg: 289

Installs

Med: 0·Avg: 1

Forks

Med: 0·Avg: 38

Health & Quality

Maintenance

Top 25%

Excellent10.0/10

Med: 7/10·Avg: 7.3/10

Documentation4/4

README

Install guide

Confidence

45/100

Promising

Adoption

Popularity

Maintenance

100

Documentation

What's Inside

Slash Commands1

Sigma Auth Setup

/setup

Quick setup guide for integrating Sigma Identity authentication.

Agents1

sigma-auth-guide

/sigma-auth-guide

Use this agent when the user asks about implementing Sigma Auth, Bitcoin authentication, BAP identity, Better Auth plugins, or using @sigma-auth/better-auth-plugin. Expert in OAuth 2.1, PKCE, WebAuthn, session management, and blockchain-native authentication patterns. <example> Context: User wants to add Sigma Identity auth to their Next.js app user: "How do I add Sigma Auth to my app?" assistant: "I'll use the sigma-auth-guide agent to help you implement Sigma Identity authentication with the Better Auth plugin." <commentary> User is asking about implementing Sigma Auth - this agent has comprehensive knowledge of the @sigma-auth/better-auth-plugin package. </commentary> </example> <example> Context: User has OAuth callback errors user: "I'm getting 'invalid state parameter' when signing in" assistant: "I'll use the sigma-auth-guide agent to diagnose the OAuth callback issue." <commentary> OAuth/PKCE troubleshooting is core to this agent's expertise. </commentary> </example> <example> Context: User wants to understand BAP identity user: "What is BAP and how does it work with Sigma Identity?" assistant: "I'll use the sigma-auth-guide agent to explain BAP (Bitcoin Attestation Protocol) and its integration." <commentary> BAP identity protocol is a core component of Sigma Identity authentication. </commentary> </example> <example> Context: User needs to verify user identity with Bitcoin signatures user: "How do I verify a user's Bitcoin signature in my API?" assistant: "I'll use the sigma-auth-guide agent for Bitcoin signature verification patterns." <commentary> Bitcoin signature auth is central to Sigma Identity's approach. </commentary> </example>

Skills5

bitcoin-auth-diagnostics

/bitcoin-auth-diagnostics

Diagnose and troubleshoot bitcoin-auth token generation and verification issues. This skill should be used when users encounter authentication failures, signature verification errors, or integration problems with the bitcoin-auth library.

device-authorization

/device-authorization

This skill should be used when the user asks to "implement device auth", "add device authorization", "authenticate desktop app", "authenticate CLI tool", "device code flow", "RFC 8628", "poll for token", "get user info after device auth", or mentions authenticating apps that can't handle browser redirects. Provides step-by-step guidance for device authorization with Sigma Identity.

setup-convex

/setup-convex

Setup Sigma Auth OAuth integration in a Convex application. Guides through installing @sigma-auth/better-auth-plugin, configuring Convex environment variables, and setting up the auth server.

setup-nextjs

/setup-nextjs

Setup Sigma Auth OAuth integration in a Next.js application. Guides through installing @sigma-auth/better-auth-plugin, configuring environment variables, creating auth client, implementing sign-in flow, and setting up API routes for token exchange with Bitcoin-native authentication.

tokenpass

/tokenpass

This skill should be used when the user asks about "TokenPass", "install TokenPass", "run TokenPass server", "TokenPass desktop app", "TokenPass API", "personal identity server", "be your own OAuth provider", or needs help setting up, configuring, or integrating TokenPass Server or Desktop applications. Provides installation, configuration, and API integration guidance.

Stats

Version0.0.6

Stars0

MaintenanceExcellent

Last CommitApr 30, 2026

AddedMar 4, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge.

Available In

b-open-io

Safety Signals

Caution

Uses power tools

Uses Bash, Write, or Edit tools

Help us improve

Share bugs, ideas, or general feedback.

README

@sigma-auth/better-auth-plugin

Bitcoin-native authentication for Better Auth. Users sign in with their Bitcoin wallet. Identity is a cryptographic keypair — persistent across apps, controlled only by the user.

Maintained by Sigma Identity. For support, open an issue on GitHub.

Features

Passwordless from day one — Bitcoin wallet signatures replace passwords and magic links
BAP identity support — Bitcoin Attestation Protocol provides persistent, portable user profiles
PKCE OAuth flow — Fully spec-compliant authorization code flow with PKCE for public clients
Iframe signer — Client-side signing without exposing private keys to your app domain
Local signer fallback — Optional local TokenPass server for offline or privacy-first deployments
NFT-based role gating — Assign roles based on NFT collection ownership across connected wallets
Token balance gating — Grant roles when users hold minimum BSV-21 token balances
BAP admin whitelist — Designate admins by Bitcoin identity key, checked at every session creation
Multi-identity wallets — Users can select among multiple BAP identities at sign-in
Subscription tiers — Verified subscription status flows through to your session
Next.js App Router — Ready-to-use route handlers with a single import
Payload CMS — Drop-in callback handler with customizable user creation
Convex — Works inside @convex-dev/better-auth with no local auth instance required
Full TypeScript — All types exported, including SigmaUserInfo, BAPProfile, and JWT claims

Installation

bun add @sigma-auth/better-auth-plugin
# or
npm install @sigma-auth/better-auth-plugin

Peer dependencies

Install only what you use:

# Required for all integrations
bun add better-auth

# Required for server-side token exchange
bun add bitcoin-auth

# Required for the provider plugin (running your own auth server)
bun add @bsv/sdk bsv-bap @neondatabase/serverless zod

# Required for Payload CMS integration
bun add payload-auth

Quick Start

This is the standard setup for an app that authenticates users via Sigma Identity. The whole flow takes under five minutes.

1. Set environment variables

# .env.local
NEXT_PUBLIC_SIGMA_CLIENT_ID=your-app-id
NEXT_PUBLIC_SIGMA_AUTH_URL=https://auth.sigmaidentity.com
SIGMA_MEMBER_PRIVATE_KEY=your-wif-private-key   # server-side only

Get your client ID and register your redirect URI at sigmaidentity.com/developers.

2. Configure the auth client

// lib/auth.ts
import { createAuthClient } from "better-auth/client";
import { sigmaClient } from "@sigma-auth/better-auth-plugin/client";

export const authClient = createAuthClient({
  baseURL: process.env.NEXT_PUBLIC_SIGMA_AUTH_URL || "https://auth.sigmaidentity.com",
  plugins: [sigmaClient()],
});

3. Add the token exchange route

// app/api/auth/sigma/callback/route.ts
import { createCallbackHandler } from "@sigma-auth/better-auth-plugin/next";

export const runtime = "nodejs";
export const POST = createCallbackHandler();

4. Add the OAuth callback page

// app/auth/sigma/callback/page.tsx
"use client";

import { Suspense, useEffect } from "react";
import { useRouter, useSearchParams } from "next/navigation";
import { authClient } from "@/lib/auth";

function CallbackContent() {
  const router = useRouter();
  const searchParams = useSearchParams();

  useEffect(() => {
    authClient.sigma.handleCallback(searchParams)
      .then((result) => {
        // Store tokens and user data in your state management solution
        localStorage.setItem("sigma_user", JSON.stringify(result.user));
        localStorage.setItem("sigma_access_token", result.access_token);
        router.push("/");
      })
      .catch((err) => {
        authClient.sigma.redirectToError(err);
      });
  }, [searchParams, router]);

  return <p>Completing sign in...</p>;
}

export default function CallbackPage() {
  return (
    <Suspense fallback={<p>Loading...</p>}>
      <CallbackContent />
    </Suspense>
  );
}

5. Add a sign-in button

import { authClient } from "@/lib/auth";

export function SignInButton() {
  return (
    <button
      onClick={() =>
        authClient.signIn.sigma({
          clientId: process.env.NEXT_PUBLIC_SIGMA_CLIENT_ID!,
        })
      }
    >
      Sign in with Bitcoin
    </button>
  );
}

The user clicks the button, authenticates with their Bitcoin wallet on the Sigma Identity server, and lands back in your app with a SigmaUserInfo object containing their pubkey, display name, and BAP identity.

Architecture

How Bitcoin authentication works

View full README on GitHub

Help us improve

Find plugins for your project

Help us improve

sigma-auth

Popularity

Health & Quality

Confidence

What's Inside

Help us improve

README

@sigma-auth/better-auth-plugin

Features

Installation

Peer dependencies

Quick Start

1. Set environment variables

2. Configure the auth client

3. Add the token exchange route

4. Add the OAuth callback page

5. Add a sign-in button

Architecture

How Bitcoin authentication works

Similar Plugins

wallet-security-auditor

better-auth

authentication-specialist

circle

auth0

workos

More by b-open-io

bopen-tools

1sat

bsv-skills

gemskills

clawnet-bot

@sigma-auth/better-auth-plugin

Features

Installation

Peer dependencies

Quick Start

1. Set environment variables

2. Configure the auth client

3. Add the token exchange route

4. Add the OAuth callback page

5. Add a sign-in button

Architecture

How Bitcoin authentication works